Azure AD B2C Custom Identity Policy (multitenant + external identity providers)

Question

I’m struggling with configuring Azure AD B2C so it supports: Multitenants and external identity providers at the same. I have a SPA application (in Angular, using MSAL.js) with .NET backend (.NET 4.8). I have configured “Identity providers” and followed a tutorial from active-directory-b2c-custom-policy-starterpack sample. My app is registered in Azure. It has Authentication links configured (I tried https://xxx.b2clogin.com/xxx.onmicrosoft.com/oauth2/authresp for both WEB and SPA authentications). It has API permissions to Microsoft Graph. No success so far. Current error: AADB2C90273: An invalid response was received : 'Error: unsupported_response_type,Error Description: AADSTS70005: 'The application requested an unsupported response type '' when requesting a token. I suspect that the custom policy XML file is misconfigured. Unfortunately, what I miss is a general overview how the solution supposed to work. That’s why I have the following questions. I’ll applicate any additional hints on the topic.

Questions:

When user authenticates with external identity provider (e.g., Facebook, LinkedIn, external SSO) will an account be created for him in Azure Active Directory B2C?
Multitenant administrators have to add permissions to their users in order to use my app? How can they do that?
AADSTS70005: 'The application requested an unsupported response type '' when requesting a token. – where can I configure the response type for “this” application?

Azure AD B2C Custom Identity Policy (multitenant + external identity providers)

Answers (1)

Related Questions